In the report titled "Debunking the Hype About Skype," senior analyst, Irwin Lazar points out that enterprise use of Skype is growing. Those contacted by Burton Group cited significant reduction in long distance and mobile phone costs due to extremely low global long-distance rates, as well as Skype's ability to deliver unified communications service for both internal and external use (Skype integrates voice, video, IM, and presence capabilities) as primary business drivers to investigate Skype.
However, evaluating whether Skype fits into an organization's overall security and information protection policy is the biggest concern for enterprises. Burton Group found three areas that should be considered:
Management and Control --
- The lack of ability to provide centralized management and control
- The inability to log (and record) conversations with external entities
- Skype is a proprietary application that does not publish its protocols for public review
- Skype may offer a backdoor into enterprise networks
- Skype's security model does not support strong authentication
- Inability to guarantee voice and video performance
- The ability to provide accurate user location information to emergency services as mandated by the FCC
- The ability to support the Communications Assistance for Law Enforcement Act (CALEA) by providing an interface for wiretapping.
Lazar discusses more about the issues enterprises should be aware of if considering Skype via a Burton Group Inflection Point podcast.
